Generating TGTs for the MIT Kerberos Client Library
Review the instructions to generate TGTs for the MIT Kerberos Client
Library.
Start the kinit utility at the command line:
% kinit
Enter the kinit user name, such as your_name@YOUR.REALM.
Enter the password for your_name@YOUR.REALM, such as my_password. When you enter
your password, the kinit utility submits a request to the
Authentication Server for a TGT.
The password is used to compute a key, which in turn is used to decrypt part of
the response. The response contains the confirmation of the request, as well as
the session key. If you entered your password correctly, you now have a TGT.
Verify that you have a TGT by entering this line at the command line:
Ticket cache – tells you which file contains your credentials cache.
Default principal – is the login of the person who owns the TGT (in this case, you).
Valid starting/Expires/Service principal – the remainder of the output is a list of your existing tickets.
Because this is the first ticket you have requested, there is only one
ticket listed. The service principal
(krbtgt/YOUR.REALM@YOUR.REALM) shows that this
ticket is a TGT. Note that this ticket is good for approximately 8
hours.